Chapter 6. Logic Attacks
Information in this Chapter
- Understanding Logic Attacks
- Employing Countermeasures
How does the site work? This isn't an existential investigation into the Web application, but a technical one into the inner workings of policies and controls that enforce its security. Sites run into technical faults such as cross-site scripting (XSS) and SQL injection when developers fail to validate data coming from the Web browser or assume a misplaced level of trust in the user. Logic-based attacks work differently. There is still a malicious user on the other end of the HTTP connection, but this time, the attacker is searching for errors in workflows or trying to skip the straight line from point A to point B by making requests ...
Get Seven Deadliest Web Application Attacks now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.